/*
 * Copyright(c) 2012 Donghong Inc.
 */
package com.hatic.login;

import java.util.Iterator;
import java.util.Map;

import org.jxstar.control.action.RequestContext;
import org.jxstar.dao.DaoParam;
import org.jxstar.security.Password;
import org.jxstar.service.BusinessObject;
import org.jxstar.service.util.SysUserUtil;
import org.jxstar.util.MapUtil;
import org.jxstar.util.factory.FactoryUtil;
import org.jxstar.util.resource.JsMessage;
import org.jxstar.util.resource.JsParam;

/**
 * 中烟项目专用登录处理类。
 *
 * @author TonyTan
 * @version 1.0, 2012-7-17
 */
public class PmLoginBO extends BusinessObject {
	private static final long serialVersionUID = 1L;

	public String login(RequestContext request) {
		String sUserCode = request.getRequestValue("user_code");
		String sUserPass = request.getRequestValue("user_pass");
		String iscas = request.getRequestValue("iscas");
		_log.showDebug("login user code = " + sUserCode);
		
		//检查用户名与密码
		if (sUserCode.length() == 0 || (!iscas.equals("1") && sUserPass.length() == 0)) {
			setMessage(JsMessage.getValue("loginbm.usercodenull"));
			return _returnFaild;
		}
		
		//取项目路径，系统登录时的项目路径为当前系统路径，在选择项目后可以修改项目路径
		String sysPath = request.getRequestValue(JsParam.REALPATH);
		
		Map<String,String> mpUser = casLogin(sUserCode, sUserPass, iscas, sysPath);
		if (mpUser == null || mpUser.isEmpty()) return _returnFaild;
		
		_log.showDebug("-------session user info: " + mpUser.toString());
		request.setUserInfo(mpUser);
		
		//把用户信息保存为脚本，返回给前台
		setReturnData(getScript(mpUser));
		
		return _returnSuccess;
	}
	
	/**
	 * CAS过滤器调用的类
	 * @param sUserCode
	 * @param sUserPass
	 * @param iscas
	 * @param sysPath
	 * @return
	 */
	public Map<String,String> casLogin(String sUserCode, String sUserPass, String iscas, String sysPath) {
		//从数据库中去用户信息
		Map<String,String> mpUser = SysUserUtil.getUserByCode(sUserCode);
		if (mpUser == null || mpUser.isEmpty()) {
			setMessage(JsMessage.getValue("loginbm.nouserinfo", sUserCode));
			return null;
		}
		
		//非集成方法需要判断密码
		if (!iscas.equals("1")) {
			//比较密码
			String sPass = (String) mpUser.get("user_pwd");
			//加密后的密码
			String userPass = Password.md5(sUserPass);
			if (! sPass.equals(userPass)) {
				setMessage(JsMessage.getValue("loginbm.userpwderror"));
				return null;
			}
		}
		
		//取当前用户的角色
		String sUserID = (String) mpUser.get("user_id");
		String sRoleID = SysUserUtil.getRoleID(sUserID);
		if (sRoleID == null || sRoleID.length() == 0) {
			setMessage(JsMessage.getValue("loginbm.nouserrole", sUserCode));
			return null;
		}
		
		//保存用户信息
		mpUser.put("role_id", sRoleID);
		mpUser.remove("user_pwd");
		
		//保存用户信息到会话中
		mpUser.put("project_path", sysPath);
		_log.showDebug("-------session user info: " + mpUser.toString());
		return mpUser;
	}
	//		
	//取项目路径，系统登录时的项目路径为当前系统路径，在选择项目后可以修改项目路径
	//String sysPath = request.getRequestValue("sys.realpath");
	
	protected Map<String,String> returnData(final Map<String,String> mpUser) {
		Map<String,String> retData = FactoryUtil.newMap();
		
		String deptId = MapUtil.getValue(mpUser, "dept_id");
		if (deptId.length() < 4) return retData;
		
		String rootid = deptId.substring(0, 4);
		//如果是本部单位，则直接取当前部门
		if (rootid.equals("1001")) {
			retData.put("orgid", mpUser.get("dept_id"));
			retData.put("orgcode", mpUser.get("dept_code"));
			retData.put("orgname", mpUser.get("dept_name"));
		} else {
			String sql = "select dept_id, dept_code, dept_name from sys_dept where dept_id = ?";
			DaoParam param = _dao.createParam(sql);
			param.addStringValue(rootid);
			Map<String,String> mpData = _dao.queryMap(param);
			
			retData.put("orgid", MapUtil.getValue(mpData, "dept_id"));
			retData.put("orgcode", MapUtil.getValue(mpData, "dept_code"));
			retData.put("orgname", MapUtil.getValue(mpData, "dept_name"));
		}
		
		return retData;
	}

	public String getScript(Map<String,String> mpUser) {
		String userId = mpUser.get("user_id");
		
		StringBuilder sbUser = new StringBuilder("{");
		sbUser.append("user_id:'" + userId + "',");
		sbUser.append("user_code:'" + mpUser.get("user_code") + "',");
		sbUser.append("user_name:'" + mpUser.get("user_name") + "',");
		sbUser.append("dept_id:'" + mpUser.get("dept_id") + "',");
		sbUser.append("dept_code:'" + mpUser.get("dept_code") + "',");
		sbUser.append("dept_name:'" + mpUser.get("dept_name") + "',");
		
		//如果有扩展信息需要输出到session中
		Map<String,String> retData = returnData(mpUser);
		if (retData != null && !retData.isEmpty()) {
			Iterator<String> itr = retData.keySet().iterator();
			while(itr.hasNext()) {
				String key = itr.next();
				if (key == null || key.length() == 0) continue;
				
				sbUser.append(key + ":'" + retData.get(key) + "',");
			}
		}
		
		sbUser.append("project_path:'" + mpUser.get("project_path") + "',");
		sbUser.append("role_id:'" + mpUser.get("role_id") + "'}");
		
		return sbUser.toString();
	}
}
